Div0 WICS Workshop — Introduction to Web Applications Pentesting

In this workshop, you will learn how to set up and get some basic hands-on with the de facto Web Applications pentesting toolkit — Burp Suite. Together with the instructor, you will walk through hacking exercises that cover common vulnerabilities e.g. Insecure Direct Object Reference (IDOR), Business Logic Error/Bypass, and more.

Date: 18 December 2021 (Saturday)

Time: 3pm-5pm (SGT, GMT+8)

This workshop will be conducted Live Online via Zoom. The Zoom link will be made available to selected registrants.

Attendees are required to get a free Portswigger Web Security Academy account: https://portswigger.net/web-security The instructor will be going through labs hosted on the Web Security Academy.

Attendees are also required to download the free community version of Burp: https://portswigger.net/burp/releases A virtual machine (VM) is not necessary. Attendees can set up Burp on their host machine.

CHRISTINA OH is a pentester and white hat hacker by profession. She specialises in uncovering security loopholes and flaws within web and mobile applications. A computer science graduate, she was a programmer for five years before making the switch to the offensive side of cybersecurity. When carrying out her pentesting role, she enjoys taking on the mindset of a threat actor, exploring various methods to break and exploit applications, and helping stakeholders to access their security posture, in hopes of minimising risk and exploitation by black hat hackers at large.

Div0 WICS aims to develop a sustainable women cybersecurity talent pipeline through learning, training, community engagement and support.

Learn More: https://www.div0.sg/wics